<?php
//dochangeusertype.php
//Changes user type from admin to user or user to admin
require_once("../login/class.session.php");
require_once("../functions.php");
require_once("../login/database.php");
if (!isset($session->logged_in) || !$session->logged_in) {
  header("Location: ../createaccount.php");
}

$userinfo = $session->userinfo;

if($_GET && isset($_GET['id']) && isset($_GET['new'])){  
  $safe_id = sql_escape($_GET['id']);
  if(is_numeric($safe_id)){
  
    $safer_id = (int) $safe_id;
    
    if($safer_id != $_SESSION['user']){
      $tablename = "user";
      $where = array("id" => $safer_id);
      // Make user a user
      if($_GET['new'] == 'user'){
        $values = array("isadmin" => 0);
        query_update($tablename, $values, $where);        
      }
      
      // Make user an admin
      else if($_GET['new'] == 'admin'){  
        $values = array("isadmin" => 1);
        query_update($tablename, $values, $where);   
      }
      
    }
  }
}

header('location: ../admin.php');
exit;



?>
